NAME

     kdestroy - destroy Kerberos tickets

SYNOPSIS

     kdestroy [-5] [-4] [-q] [-c cache_name]

DESCRIPTION

     The kdestroy utility destroys  the  user's  active  Kerberos
     authorization  tickets  by  writing  zeros  to the specified
     credentials cache that contains them.   If  the  credentials
     cache  is  not  specified,  the default credentials cache is
     destroyed.  If kdestroy was built with Kerberos  4  support,
     the  default behavior is to destroy both Kerberos 5 and Ker-
     beros 4 credentials.  Otherwise, kdestroy  will  default  to
     destroying only Kerberos 5 credentials.

OPTIONS

     -5   destroy Kerberos 5 credentials.  This  overrides  what-
          ever the default built-in behavior may be.  This option
          may be used with -4

     -4   destroy Kerberos 4 credentials.  This  overrides  what-
          ever the default built-in behavior may be.  This option
          is only available if kinit was built  with  Kerberos  4
          compatibility.  This option may be used with -5

     -q   Run quietly.  Normally kdestroy beeps if  it  fails  to
          destroy  the  user's  tickets.   The -q flag suppresses
          this behavior.

     -c cache_name
          use cache_name as the credentials (ticket)  cache  name
          and  location;  if this option is not used, the default
          cache name and location are used.

          The default credentials cache may vary between systems.
          If  the  KRB5CCNAME  environment  variable  is set, its
          value is used to name the default ticket cache.

     Most installations recommend that  you  place  the  kdestroy
     command  in your .logout file, so that your tickets are des-
     troyed automatically when you log out.

ENVIRONMENT

     Kdestroy uses the following environment variables:

     KRB5CCNAME      Location  of  the  Kerberos  5   credentials
                     (ticket) cache.

     KRBTKFILE      Filename  of  the  Kerberos   4   credentials
                    (ticket) cache.

FILES

     /tmp/krb5cc_[uid]  default location of  Kerberos  5  creden-
                        tials  cache ([uid] is the decimal UID of
                        the user).

     /tmp/tkt[uid]  default location of  Kerberos  4  credentials
                    cache ([uid] is the decimal UID of the user).

SEE ALSO

     kinit(1), klist(1), krb5(3)

BUGS

     Only the tickets in the specified credentials cache are des-
     troyed.   Separate  ticket  caches  are  used  to  hold root
     instance and password changing tickets.  These should  prob-
     ably  be destroyed too, or all of a user's tickets kept in a
     single credentials cache.
Man(1) output converted with man2html